The Pentagon is looking to bring in machine-learning tools to monitor its networks for suspicious activity and act as the first line of defense during cyberattacks.
Last week, the Defense Information Systems Agency started seeking out commercial cybersecurity tools that could detect and respond to incidents across the agency’s numerous networks without direct input from humans. By using automation and machine learning to defend against common attacks, the system would allow the Pentagon’s cyber personnel to focus on more pressing threats.
“DISA desires to leverage commercially available technology to strengthen its ability to detect and thwart cyber-attacks in real-time before those attacks can do the intended damage to the [Defense Department] systems DISA protects,” officials said in the solicitation. “While DISA employs a number of cybersecurity products and services, it is constantly striving to minimize the time to detect, respond to, and, ultimately, mitigate attacks.”
According to the solicitation, the tools would counter attacks by employing so-called cybersecurity “playbooks,” which are sets of pre-selected guidelines for responding to specific incidents. Once deployed, tools would analyze attacks, determine the appropriate playbook to follow, and launch a response without any human intervention.
This playbook-based approach would let tools independently respond to the most common types of cyberattacks, automating a significant amount of the workload that occupies Pentagon cyber personnel today. Instead of manually interpreting network data and executing rote playbooks, those experts would have the opportunity to focus on “harder and more immediate issues,” officials said.
The system would also improve its ability to characterize attacks over time, “drastically reduc[ing] low-level alerts and virtually rid[ding] it ..
Support the originator by clicking the read the rest link below.
